CVE-2018-15918

An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
References
Configurations

Configuration 1

cpe:2.3:a:jorani_project:jorani:0.6.5:*:*:*:*:*:*:*

Information

Published : 2018-09-05 09:29

Updated : 2022-07-05 03:12


NVD link : CVE-2018-15918

Mitre link : CVE-2018-15918

Products Affected
No products.
CWE